Safeguard
Tag

telecom-security

Safeguard articles tagged "telecom-security" — guides, analysis, and best practices for software supply chain and application security.

8 articles

Software Supply Chain Security

Software supply chain security for telecom network infras...

Why telecom network software supply chain security demands continuous SBOMs and vendor risk oversight — from 5G base stations to core networks — and how carriers are closing the gap.

Dec 26, 20257 min read
Software Supply Chain Security

5G network function virtualization (NFV) and Open RAN sof...

5G networks now run on open-source-heavy virtualized and Open RAN software stacks. Here's where the real supply chain risk hides, and how to manage it.

Dec 25, 20258 min read
Regulatory Compliance

FCC and CISA guidance on telecom software supply chain se...

FCC telecom software supply chain guidance now overlaps with the Covered List and CISA telecom advisories. Here's what carriers must actually track.

Dec 25, 20257 min read
Open Source Security

How to manage open source risk in telecom OSS/BSS softwar...

A practical guide to managing telecom OSS/BSS open source risk—from SBOM inventory to dependency scanning—so carrier billing and network software stays secure.

Dec 25, 20258 min read
Industry Analysis

Third-party risk management for telecom equipment vendors

A practical playbook for vetting telecom equipment vendors: supply chain checks, hardware/software audits, and procurement security controls.

Dec 25, 20258 min read
Vulnerability Analysis

CVE analysis: vulnerabilities in Open RAN and 5G core net...

An open RAN 5G core CVE analysis of the 5Ghoul modem flaws: affected components, CVSS/EPSS/KEV context, disclosure timeline, and practical remediation steps.

Dec 24, 20258 min read
Open Source Security

How to vet open source software before deployment in tele...

A seven-step process for vetting open source telecom core network components — SBOMs, signature verification, protocol fuzzing, and procurement sign-off — before they reach production.

Dec 24, 20257 min read
Vulnerability Analysis

Erlang/OTP SSH CVE-2025-32433: Unauthenticated RCE Scoring 10.0

A maximum-severity vulnerability in Erlang/OTP's SSH server allowed unauthenticated remote code execution. Any system running Erlang's built-in SSH daemon was at risk, including telecom infrastructure.

Apr 16, 20255 min read
telecom-security — Safeguard Blog